SR-C65791 · Issue 404437
database connection leak resolved
Resolved in Pega Version 8.1.1
A database connection leak was traced to the resultset package not being closed if an exception occurred while executing the query. A try/catch has been added to the database.list method so that in the case of an exception, the ResultSetPackager (which was created in the line above the database.list call) will be properly closed. Additional error logging has also been added.
SR-C66639 · Issue 406176
Localization added to "Text" in Themes page
Resolved in Pega Version 8.1.1
The header "Text" in the Themes page was not localized properly due to the field value created in the wrong applies-to class . There is a field value in @baseclass but is in Pega- DecisionArchitect ruleset might not have been considered while exporting rules for translation . Will create another one in @baseclass /Pega-EndUserUI
SR-C67164 · Issue 406358
Operator security bypass now available to multitenancy environments
Resolved in Pega Version 8.1.1
In Pega 8.1, whenever operator records are imported via a RAP file they are disabled by default for the purpose of increased security. When performing this operation there is an option to bypass this feature so that operators are not disabled upon import, but that bypass was not available in multitenancy environments. To allow or that use, this release includes an enhancement to expose a parameter on PegaRULESMove_Zip_To_DB to support bypassing operator security.
SR- · Issue 403102
Links updated for Security Checklist rule documentation
Resolved in Pega Version 8.1.1
The links for the following tasks in the documentation for the Security Checklist rule have been updated: "Secure web.xml"; "Appropriately encrypt data"; and "Define appropriate access control for client personal info subject to regulations like EU GDPR". In addition, the task "Configure Dynamic System Settings for production" has been renamed to"Define appropriate Cross-Site Request Forgery (CSRF) settings" and is linked to the CSRF landing page.
SR- · Issue 404593
Thread name implementation fixed for FCM use with micro DC
Resolved in Pega Version 8.1.1
When attempting to invoke a remote case in the Interaction Manager portal via FCM with the Customer Service for Insurance application which uses micro DC, the case was not invoked and an empty screen was displayed. Invoking the case from the interaction portal resulted in a JavaScript error. Invoking the case from a WSS or directly from the Create button in Designer Studio worked correctly. This was traced to a recent change to the implementation for generating the thread name. Because of this, CRM apps could not load the Federated cases via micro DC. This has been fixed through changes in "pzFCMMashupGadget" to replace the slash with underscore for the FCM thread.
SR- · Issue 406436
OIDC and authorization_code flow corrected
Resolved in Pega Version 8.1.1
The OIDC and authorization_code flow was not working work on the first attempt. This was traced to the server that was performing the OAuth 2.0 authorization_code redirecting straight to the Pega application after successful user authentication instead of returning an authorization code via redirect_uri. As a result, the Pega application was rendered in a external Safari window which is supposed to be used for user authentication only. Second and subsequent attempts to perform the OAuth 2.0 authorization_code flow were successful and the Mobile Client was logged in. This was caused by the unnecessary retainment of state parameters in the OIDC flow, and has been fixed by removing the code that appended the querystring parameters used for the Hybrid Client.
SR- · Issue 402877
Merge Wizard errors fixed, and created rules will use the highest ruleset version available
Resolved in Pega Version 8.1.1
Code errors in the Merge Wizard that were causing Null Pointer Exception errors have been fixed, In addition, branch rule sets created through this wizard did not have the 'Application validation' option and rule set pre-requisite filled automatically; the system has been updated so the version prerequisite will be the highest existing ruleset version in the ruleset.
INC-194932 · Issue 686277
Handling updated for offlineWorkIDs map
Resolved in Pega Version 8.8
Intermittent failures were seen when deleting attachments on Mobile. These were traced to pega.ui.DCUtils being undefined, and has been resolved by populating the offlineWorkIDs map for attachment-related actions.
INC-188469 · Issue 714843
Updated retainLock for DoClose activity
Resolved in Pega Version 8.8
After sending an external email notification from a case, attempting to use the "close" button resulted in an access denied error. This was traced to a missed use case for recent security improvements which resulted in not setting the required parameter retainLock for the DoClose activity, and has been resolved.
INC-192673 · Issue 689552
Tab highlighting updated
Resolved in Pega Version 8.8
Not all elements were indicated with yellow highlighting when tabbing through the screen. This has been resolved.